[edk2-devel] [PATCH ovmf v3 0/5] Enable AMD SEV-ES DebugSwap

[edk2-devel] [PATCH ovmf v3 0/5] Enable AMD SEV-ES DebugSwap

[Alexey Kardashevskiy via groups.io]

This is to prevent #DB interception on SEV-ES VM with
enabled DebugSwap feature, more details in 3/5.

The corresponding Linux change (HV and VM) went upstream
long time ago:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e221804dad4e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1f85fbe836e

The previous conversation (more than a year ago) is here:
https://edk2.groups.io/g/devel/message/96808

v2 failed CI so here is v3 but with cosmetic changes only.

This is based on sha1
fecf55a66a1c Michael Roth "OvmfPkg/CcExitLib: Drop special handling for Encrypted MMIO to APIC".

Please comment. Thanks.



Alexey Kardashevskiy (5):
  MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER
  MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr
  OvmfPkg: Add AMD SEV-ES DebugSwap feature support
  UefiCpuPkg: Add AMD SEV-ES features support
  OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE

 MdePkg/Include/ConfidentialComputingGuestAttr.h                    | 15 ++++-
 MdePkg/Include/Register/Amd/Fam17Msr.h                             | 63 ++++++++++++++++++--
 OvmfPkg/Include/Library/MemEncryptSevLib.h                         | 12 ++++
 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 27 ++++++++-
 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 ++++++
 OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 19 ++++++
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                        |  8 +++
 OvmfPkg/PlatformPei/AmdSev.c                                       | 13 +++-
 UefiCpuPkg/Library/MpInitLib/MpLib.c                               | 12 +++-
 9 files changed, 173 insertions(+), 15 deletions(-)

-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118513): https://edk2.groups.io/g/devel/message/118513
Mute This Topic: https://groups.io/mt/105863808/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH ovmf v3 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER

[Alexey Kardashevskiy via groups.io]

For now we need DebugSwap but others are likely to be needed too.

Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
 MdePkg/Include/Register/Amd/Fam17Msr.h | 63 ++++++++++++++++++--
 1 file changed, 59 insertions(+), 4 deletions(-)

diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Register/Amd/Fam17Msr.h
index f2d5ccb39dc7..bce51a66517f 100644
--- a/MdePkg/Include/Register/Amd/Fam17Msr.h
+++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
@@ -126,19 +126,74 @@ typedef union {
     ///
     /// [Bit 0] Secure Encrypted Virtualization (Sev) is enabled
     ///
-    UINT32    SevBit    : 1;
+    UINT32    SevBit              : 1;
 
     ///
     /// [Bit 1] Secure Encrypted Virtualization Encrypted State (SevEs) is enabled
     ///
-    UINT32    SevEsBit  : 1;
+    UINT32    SevEsBit            : 1;
 
     ///
     /// [Bit 2] Secure Nested Paging (SevSnp) is enabled
     ///
-    UINT32    SevSnpBit : 1;
+    UINT32    SevSnpBit           : 1;
 
-    UINT32    Reserved2 : 29;
+    ///
+    /// [Bit 3] The guest was run with the Virtual TOM feature enabled in SEV_FEATURES[1]
+    ///
+    UINT32    vTOM_Enabled        : 1;
+
+    ///
+    /// [Bit 4] The guest was run with the ReflectVC feature enabled in SEV_FEATURES[2]
+    ///
+    UINT32    ReflectVC           : 1;
+
+    ///
+    /// [Bit 5] The guest was run with the Restricted Injection feature enabled in SEV_FEATURES[3]
+    ///
+    UINT32    RestrictedInjection : 1;
+
+    ///
+    /// [Bit 6] The guest was run with the Alternate Injection feature enabled in SEV_FEATURES[4]
+    ///
+    UINT32    AlternateInjection  : 1;
+
+    ///
+    /// [Bit 7] This guest was run with debug register swapping enabled in SEV_FEATURES[5]
+    ///
+    UINT32    DebugSwap           : 1;
+
+    ///
+    /// [Bit 8]  This guest was run with the PreventHostIBS feature enabled in SEV_FEATURES[6]
+    ///
+    UINT32    PreventHostIBS      : 1;
+
+    ///
+    /// [Bit 9] The guest was run with the BTB isolation feature enabled in SEV_FEATURES[7]
+    ///
+    UINT32    SNPBTBIsolation     : 1;
+
+    ///
+    /// [Bit 10]
+    ///
+    UINT32    Reserved0           : 1;
+
+    ///
+    /// [Bit 11] The guest was run with the Secure TSC feature enabled in SEV_FEATURES[9]
+    ///
+    UINT32    SecureTsc           : 1;
+
+    ///
+    /// [Bits 12 13 14 15]
+    ///
+    UINT32    Reserved1           : 4;
+
+    ///
+    /// [Bit 16] The guest was run with the VMSA Register Protection feature enabled in SEV_FEATURES[14]
+    ///
+    UINT32    VmsaRegProt_Enabled : 1;
+
+    UINT32    Reserved2           : 15;
   } Bits;
   ///
   /// All bit fields as a 32-bit value
-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118514): https://edk2.groups.io/g/devel/message/118514
Mute This Topic: https://groups.io/mt/105863816/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH ovmf v3 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER

[Lendacky, Thomas via groups.io]

On 5/2/24 09:34, Alexey Kardashevskiy wrote:
> For now we need DebugSwap but others are likely to be needed too.
> 
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>

A recent APM has defined a few more and has slightly different naming 
(see below). If you have to submit another version it might be good to 
update them. Otherwise:

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

> ---
>   MdePkg/Include/Register/Amd/Fam17Msr.h | 63 ++++++++++++++++++--
>   1 file changed, 59 insertions(+), 4 deletions(-)
> 
> diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Register/Amd/Fam17Msr.h
> index f2d5ccb39dc7..bce51a66517f 100644
> --- a/MdePkg/Include/Register/Amd/Fam17Msr.h
> +++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
> @@ -126,19 +126,74 @@ typedef union {
>       ///
>       /// [Bit 0] Secure Encrypted Virtualization (Sev) is enabled
>       ///
> -    UINT32    SevBit    : 1;
> +    UINT32    SevBit              : 1;
>   
>       ///
>       /// [Bit 1] Secure Encrypted Virtualization Encrypted State (SevEs) is enabled
>       ///
> -    UINT32    SevEsBit  : 1;
> +    UINT32    SevEsBit            : 1;
>   
>       ///
>       /// [Bit 2] Secure Nested Paging (SevSnp) is enabled
>       ///
> -    UINT32    SevSnpBit : 1;
> +    UINT32    SevSnpBit           : 1;
>   
> -    UINT32    Reserved2 : 29;
> +    ///
> +    /// [Bit 3] The guest was run with the Virtual TOM feature enabled in SEV_FEATURES[1]
> +    ///
> +    UINT32    vTOM_Enabled        : 1;

The APM has this as vTOM and the PPR as VirtualTOM, so can probably 
remove the _Enabled.

> +
> +    ///
> +    /// [Bit 4] The guest was run with the ReflectVC feature enabled in SEV_FEATURES[2]
> +    ///
> +    UINT32    ReflectVC           : 1;
> +
> +    ///
> +    /// [Bit 5] The guest was run with the Restricted Injection feature enabled in SEV_FEATURES[3]
> +    ///
> +    UINT32    RestrictedInjection : 1;
> +
> +    ///
> +    /// [Bit 6] The guest was run with the Alternate Injection feature enabled in SEV_FEATURES[4]
> +    ///
> +    UINT32    AlternateInjection  : 1;
> +
> +    ///
> +    /// [Bit 7] This guest was run with debug register swapping enabled in SEV_FEATURES[5]
> +    ///
> +    UINT32    DebugSwap           : 1;

The APM has this as DebugVirtualization and the PPR as DebugSwapSupport.

> +
> +    ///
> +    /// [Bit 8]  This guest was run with the PreventHostIBS feature enabled in SEV_FEATURES[6]
> +    ///
> +    UINT32    PreventHostIBS      : 1;
> +
> +    ///
> +    /// [Bit 9] The guest was run with the BTB isolation feature enabled in SEV_FEATURES[7]
> +    ///
> +    UINT32    SNPBTBIsolation     : 1;

The APM has this as BTBIsolation, while the PPR has it as you do.

> +
> +    ///
> +    /// [Bit 10]
> +    ///
> +    UINT32    Reserved0           : 1;
> +
> +    ///
> +    /// [Bit 11] The guest was run with the Secure TSC feature enabled in SEV_FEATURES[9]
> +    ///
> +    UINT32    SecureTsc           : 1;
> +
> +    ///
> +    /// [Bits 12 13 14 15]
> +    ///
> +    UINT32    Reserved1           : 4;
> +
> +    ///
> +    /// [Bit 16] The guest was run with the VMSA Register Protection feature enabled in SEV_FEATURES[14]
> +    ///
> +    UINT32    VmsaRegProt_Enabled : 1;

The APM has this VmsaRegProt, so can probably drop the _Enabled.

> +
> +    UINT32    Reserved2           : 15;
>     } Bits;
>     ///
>     /// All bit fields as a 32-bit value


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119085): https://edk2.groups.io/g/devel/message/119085
Mute This Topic: https://groups.io/mt/105863816/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH ovmf v3 2/5] MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr

[Alexey Kardashevskiy via groups.io]

PcdConfidentialComputingGuestAttr so far only contained an SEV mode bit
but there are more other features which do not translate to levels
such as DebugSwap or SecureTsc.

This adds the features mask and the DebugSwap feature bit to a PCD.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v2:
* expanded features mask
* added type mask
---
 MdePkg/Include/ConfidentialComputingGuestAttr.h | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
index 44e6df800207..c3a3dfb393f0 100644
--- a/MdePkg/Include/ConfidentialComputingGuestAttr.h
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -29,9 +29,20 @@ typedef enum {
 
   /* The guest is running with Intel TDX memory encryption enabled. */
   CCAttrIntelTdx = 0x200,
+
+  CCAttrTypeMask = 0x000000000000ffff,
+
+  /* Features */
+
+  /* The AMD SEV-ES DebugSwap feature is enabled in SEV_STATUS */
+  CCAttrFeatureAmdSevDebugSwap = 0x0000000000010000,
+
+  CCAttrFeatureMask = 0xffffffffffff0000,
 } CONFIDENTIAL_COMPUTING_GUEST_ATTR;
 
-#define CC_GUEST_IS_TDX(x)  ((x) == CCAttrIntelTdx)
-#define CC_GUEST_IS_SEV(x)  ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
+#define _CC_GUEST_IS_TDX(x)  ((x) == CCAttrIntelTdx)
+#define CC_GUEST_IS_TDX(x)   _CC_GUEST_IS_TDX((x) & CCAttrTypeMask)
+#define _CC_GUEST_IS_SEV(x)  ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
+#define CC_GUEST_IS_SEV(x)   _CC_GUEST_IS_SEV((x) & CCAttrTypeMask)
 
 #endif
-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118515): https://edk2.groups.io/g/devel/message/118515
Mute This Topic: https://groups.io/mt/105863820/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH ovmf v3 2/5] MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr

[Lendacky, Thomas via groups.io]

On 5/2/24 09:34, Alexey Kardashevskiy wrote:
> PcdConfidentialComputingGuestAttr so far only contained an SEV mode bit
> but there are more other features which do not translate to levels
> such as DebugSwap or SecureTsc.
> 
> This adds the features mask and the DebugSwap feature bit to a PCD.
> 
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>

One nit below, otherwise:

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

> ---
> Changes:
> v2:
> * expanded features mask
> * added type mask
> ---
>   MdePkg/Include/ConfidentialComputingGuestAttr.h | 15 +++++++++++++--
>   1 file changed, 13 insertions(+), 2 deletions(-)
> 
> diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> index 44e6df800207..c3a3dfb393f0 100644
> --- a/MdePkg/Include/ConfidentialComputingGuestAttr.h
> +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> @@ -29,9 +29,20 @@ typedef enum {
>   
>     /* The guest is running with Intel TDX memory encryption enabled. */
>     CCAttrIntelTdx = 0x200,
> +
> +  CCAttrTypeMask = 0x000000000000ffff,
> +
> +  /* Features */
> +
> +  /* The AMD SEV-ES DebugSwap feature is enabled in SEV_STATUS */
> +  CCAttrFeatureAmdSevDebugSwap = 0x0000000000010000,

Should this be CCAttrFeatureAmdSevEsDebugSwap? Otherwise, maybe just 
make it CCAttrFeatureAmdDebugSwap.

Thanks,
Tom

> +
> +  CCAttrFeatureMask = 0xffffffffffff0000,
>   } CONFIDENTIAL_COMPUTING_GUEST_ATTR;
>   
> -#define CC_GUEST_IS_TDX(x)  ((x) == CCAttrIntelTdx)
> -#define CC_GUEST_IS_SEV(x)  ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
> +#define _CC_GUEST_IS_TDX(x)  ((x) == CCAttrIntelTdx)
> +#define CC_GUEST_IS_TDX(x)   _CC_GUEST_IS_TDX((x) & CCAttrTypeMask)
> +#define _CC_GUEST_IS_SEV(x)  ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
> +#define CC_GUEST_IS_SEV(x)   _CC_GUEST_IS_SEV((x) & CCAttrTypeMask)
>   
>   #endif


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119086): https://edk2.groups.io/g/devel/message/119086
Mute This Topic: https://groups.io/mt/105863820/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH ovmf v3 3/5] OvmfPkg: Add AMD SEV-ES DebugSwap feature support

[Alexey Kardashevskiy via groups.io]

The SEV-ES DebugSwap feature enables type B swaping of debug registers
on #VMEXIT and makes #DB and DR7 intercepts unnecessary and unwanted.

When DebugSwap is enabled, this stops booting if #VC for #DB or
DB7 read/write occurs as this signals unwanted interaction from the HV.

This adds new API which uses SEV-ES working area in PEI and SEC.

This does not change the existing behavour for DXE just yet but soon.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
 OvmfPkg/Include/Library/MemEncryptSevLib.h                         | 12 +++++++++
 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 27 +++++++++++++++++---
 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 ++++++++++++++
 OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 19 ++++++++++++++
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                        |  8 ++++++
 5 files changed, 82 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 4fa9c0d70083..0fa86aecc38c 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -166,6 +166,18 @@ MemEncryptSevGetEncryptionMask (
   VOID
   );
 
+/**
+  Returns a boolean to indicate whether DebugSwap is enabled.
+
+  @retval TRUE           DebugSwap is enabled
+  @retval FALSE          DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+  VOID
+  );
+
 /**
   Returns the encryption state of the specified virtual address range.
 
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
index 4aba0075b9e2..ebc4c9bb5d06 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
@@ -40,19 +40,25 @@ AmdMemEncryptionAttrCheck (
   IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR  Attr
   )
 {
+  UINT64  CurrentLevel;
+
+  CurrentLevel = CurrentAttr & CCAttrTypeMask;
+
   switch (Attr) {
     case CCAttrAmdSev:
       //
       // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
       //
-      return CurrentAttr >= CCAttrAmdSev;
+      return CurrentLevel >= CCAttrAmdSev;
     case CCAttrAmdSevEs:
       //
       // SEV-ES is automatically enabled if SEV-SNP is active.
       //
-      return CurrentAttr >= CCAttrAmdSevEs;
+      return CurrentLevel >= CCAttrAmdSevEs;
     case CCAttrAmdSevSnp:
-      return CurrentAttr == CCAttrAmdSevSnp;
+      return CurrentLevel == CCAttrAmdSevSnp;
+    case CCAttrFeatureAmdSevDebugSwap:
+      return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
     default:
       return FALSE;
   }
@@ -159,3 +165,18 @@ MemEncryptSevGetEncryptionMask (
 
   return mSevEncryptionMask;
 }
+
+/**
+  Returns a boolean to indicate whether DebugSwap is enabled.
+
+  @retval TRUE           DebugSwap is enabled
+  @retval FALSE          DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+  VOID
+  )
+{
+  return ConfidentialComputingGuestHas (CCAttrFeatureAmdSevDebugSwap);
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
index 41d1246a5b31..e2ebc8afcaee 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
@@ -141,3 +141,22 @@ MemEncryptSevGetEncryptionMask (
 
   return SevEsWorkArea->EncryptionMask;
 }
+
+/**
+  Returns a boolean to indicate whether DebugSwap is enabled.
+
+  @retval TRUE           DebugSwap is enabled
+  @retval FALSE          DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+  VOID
+  )
+{
+  MSR_SEV_STATUS_REGISTER  Msr;
+
+  Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+  return Msr.Bits.DebugSwap ? TRUE : FALSE;
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 27148c7e337a..0e82dc85b299 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -142,6 +142,25 @@ MemEncryptSevGetEncryptionMask (
   return SevEsWorkArea->EncryptionMask;
 }
 
+/**
+  Returns a boolean to indicate whether DebugSwap is enabled.
+
+  @retval TRUE           DebugSwap is enabled
+  @retval FALSE          DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+  VOID
+  )
+{
+  MSR_SEV_STATUS_REGISTER  Msr;
+
+  Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+  return Msr.Bits.DebugSwap ? TRUE : FALSE;
+}
+
 /**
   Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
   Save State Map.
diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
index da8f1e5db9fa..29e244df3007 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
+++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1609,6 +1609,10 @@ Dr7WriteExit (
   UINT64                     *Register;
   UINT64                     Status;
 
+  if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+
   Ext       = &InstructionData->Ext;
   SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
 
@@ -1659,6 +1663,10 @@ Dr7ReadExit (
   SEV_ES_PER_CPU_DATA        *SevEsData;
   UINT64                     *Register;
 
+  if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+
   Ext       = &InstructionData->Ext;
   SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
 
-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118516): https://edk2.groups.io/g/devel/message/118516
Mute This Topic: https://groups.io/mt/105863824/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH ovmf v3 3/5] OvmfPkg: Add AMD SEV-ES DebugSwap feature support

[Lendacky, Thomas via groups.io]

On 5/2/24 09:34, Alexey Kardashevskiy wrote:
> The SEV-ES DebugSwap feature enables type B swaping of debug registers
> on #VMEXIT and makes #DB and DR7 intercepts unnecessary and unwanted.
> 
> When DebugSwap is enabled, this stops booting if #VC for #DB or
> DB7 read/write occurs as this signals unwanted interaction from the HV.
> 
> This adds new API which uses SEV-ES working area in PEI and SEC.
> 
> This does not change the existing behavour for DXE just yet but soon.

This changes the SEC/PEI behavior while not changing DXE, which means 
two different behaviors. I wonder if the SEC and PEI changes that access 
the MSR value, should be part of the final patch that enables it for all 
stages. And in this patch, just have the SEC and PEI versions of 
MemEncryptSevEsDebugSwapIsEnabled() return FALSE for now.

Thanks,
Tom

> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
> ---
>   OvmfPkg/Include/Library/MemEncryptSevLib.h                         | 12 +++++++++
>   OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 27 +++++++++++++++++---
>   OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 ++++++++++++++
>   OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 19 ++++++++++++++
>   OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                        |  8 ++++++
>   5 files changed, 82 insertions(+), 3 deletions(-)
> 
> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> index 4fa9c0d70083..0fa86aecc38c 100644
> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> @@ -166,6 +166,18 @@ MemEncryptSevGetEncryptionMask (
>     VOID
>     );
>   
> +/**
> +  Returns a boolean to indicate whether DebugSwap is enabled.
> +
> +  @retval TRUE           DebugSwap is enabled
> +  @retval FALSE          DebugSwap is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevEsDebugSwapIsEnabled (
> +  VOID
> +  );
> +
>   /**
>     Returns the encryption state of the specified virtual address range.
>   
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> index 4aba0075b9e2..ebc4c9bb5d06 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
> @@ -40,19 +40,25 @@ AmdMemEncryptionAttrCheck (
>     IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR  Attr
>     )
>   {
> +  UINT64  CurrentLevel;
> +
> +  CurrentLevel = CurrentAttr & CCAttrTypeMask;
> +
>     switch (Attr) {
>       case CCAttrAmdSev:
>         //
>         // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
>         //
> -      return CurrentAttr >= CCAttrAmdSev;
> +      return CurrentLevel >= CCAttrAmdSev;
>       case CCAttrAmdSevEs:
>         //
>         // SEV-ES is automatically enabled if SEV-SNP is active.
>         //
> -      return CurrentAttr >= CCAttrAmdSevEs;
> +      return CurrentLevel >= CCAttrAmdSevEs;
>       case CCAttrAmdSevSnp:
> -      return CurrentAttr == CCAttrAmdSevSnp;
> +      return CurrentLevel == CCAttrAmdSevSnp;
> +    case CCAttrFeatureAmdSevDebugSwap:
> +      return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
>       default:
>         return FALSE;
>     }
> @@ -159,3 +165,18 @@ MemEncryptSevGetEncryptionMask (
>   
>     return mSevEncryptionMask;
>   }
> +
> +/**
> +  Returns a boolean to indicate whether DebugSwap is enabled.
> +
> +  @retval TRUE           DebugSwap is enabled
> +  @retval FALSE          DebugSwap is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevEsDebugSwapIsEnabled (
> +  VOID
> +  )
> +{
> +  return ConfidentialComputingGuestHas (CCAttrFeatureAmdSevDebugSwap);
> +}
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
> index 41d1246a5b31..e2ebc8afcaee 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
> @@ -141,3 +141,22 @@ MemEncryptSevGetEncryptionMask (
>   
>     return SevEsWorkArea->EncryptionMask;
>   }
> +
> +/**
> +  Returns a boolean to indicate whether DebugSwap is enabled.
> +
> +  @retval TRUE           DebugSwap is enabled
> +  @retval FALSE          DebugSwap is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevEsDebugSwapIsEnabled (
> +  VOID
> +  )
> +{
> +  MSR_SEV_STATUS_REGISTER  Msr;
> +
> +  Msr.Uint32 = InternalMemEncryptSevStatus ();
> +
> +  return Msr.Bits.DebugSwap ? TRUE : FALSE;
> +}
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
> index 27148c7e337a..0e82dc85b299 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
> @@ -142,6 +142,25 @@ MemEncryptSevGetEncryptionMask (
>     return SevEsWorkArea->EncryptionMask;
>   }
>   
> +/**
> +  Returns a boolean to indicate whether DebugSwap is enabled.
> +
> +  @retval TRUE           DebugSwap is enabled
> +  @retval FALSE          DebugSwap is not enabled
> +**/
> +BOOLEAN
> +EFIAPI
> +MemEncryptSevEsDebugSwapIsEnabled (
> +  VOID
> +  )
> +{
> +  MSR_SEV_STATUS_REGISTER  Msr;
> +
> +  Msr.Uint32 = InternalMemEncryptSevStatus ();
> +
> +  return Msr.Bits.DebugSwap ? TRUE : FALSE;
> +}
> +
>   /**
>     Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
>     Save State Map.
> diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> index da8f1e5db9fa..29e244df3007 100644
> --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
> @@ -1609,6 +1609,10 @@ Dr7WriteExit (
>     UINT64                     *Register;
>     UINT64                     Status;
>   
> +  if (MemEncryptSevEsDebugSwapIsEnabled ()) {
> +    return UnsupportedExit (Ghcb, Regs, InstructionData);
> +  }
> +
>     Ext       = &InstructionData->Ext;
>     SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
>   
> @@ -1659,6 +1663,10 @@ Dr7ReadExit (
>     SEV_ES_PER_CPU_DATA        *SevEsData;
>     UINT64                     *Register;
>   
> +  if (MemEncryptSevEsDebugSwapIsEnabled ()) {
> +    return UnsupportedExit (Ghcb, Regs, InstructionData);
> +  }
> +
>     Ext       = &InstructionData->Ext;
>     SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
>   


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119087): https://edk2.groups.io/g/devel/message/119087
Mute This Topic: https://groups.io/mt/105863824/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH ovmf v3 4/5] UefiCpuPkg: Add AMD SEV-ES features support

[Alexey Kardashevskiy via groups.io]

CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore
and includes a feature mask since a previous commit.

This fixes AmdMemEncryptionAttrCheck to check the level and feature
correctly and adds DebugSwap support.

Since the actual feature flag is not set yet, this should cause
no behavioural change.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/MpLib.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index d7244565029d..52fddfb7e571 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -3178,19 +3178,25 @@ AmdMemEncryptionAttrCheck (
   IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR  Attr
   )
 {
+  UINT64  CurrentLevel;
+
+  CurrentLevel = CurrentAttr & CCAttrTypeMask;
+
   switch (Attr) {
     case CCAttrAmdSev:
       //
       // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
       //
-      return CurrentAttr >= CCAttrAmdSev;
+      return CurrentLevel >= CCAttrAmdSev;
     case CCAttrAmdSevEs:
       //
       // SEV-ES is automatically enabled if SEV-SNP is active.
       //
-      return CurrentAttr >= CCAttrAmdSevEs;
+      return CurrentLevel >= CCAttrAmdSevEs;
     case CCAttrAmdSevSnp:
-      return CurrentAttr == CCAttrAmdSevSnp;
+      return CurrentLevel == CCAttrAmdSevSnp;
+    case CCAttrFeatureAmdSevDebugSwap:
+      return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
     default:
       return FALSE;
   }
-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118517): https://edk2.groups.io/g/devel/message/118517
Mute This Topic: https://groups.io/mt/105863831/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH ovmf v3 4/5] UefiCpuPkg: Add AMD SEV-ES features support

[Lendacky, Thomas via groups.io]

On 5/2/24 09:34, Alexey Kardashevskiy wrote:
> CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore
> and includes a feature mask since a previous commit.
> 
> This fixes AmdMemEncryptionAttrCheck to check the level and feature
> correctly and adds DebugSwap support.
> 
> Since the actual feature flag is not set yet, this should cause
> no behavioural change.
> 
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

> ---
>   UefiCpuPkg/Library/MpInitLib/MpLib.c | 12 +++++++++---
>   1 file changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
> index d7244565029d..52fddfb7e571 100644
> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
> @@ -3178,19 +3178,25 @@ AmdMemEncryptionAttrCheck (
>     IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR  Attr
>     )
>   {
> +  UINT64  CurrentLevel;
> +
> +  CurrentLevel = CurrentAttr & CCAttrTypeMask;
> +
>     switch (Attr) {
>       case CCAttrAmdSev:
>         //
>         // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
>         //
> -      return CurrentAttr >= CCAttrAmdSev;
> +      return CurrentLevel >= CCAttrAmdSev;
>       case CCAttrAmdSevEs:
>         //
>         // SEV-ES is automatically enabled if SEV-SNP is active.
>         //
> -      return CurrentAttr >= CCAttrAmdSevEs;
> +      return CurrentLevel >= CCAttrAmdSevEs;
>       case CCAttrAmdSevSnp:
> -      return CurrentAttr == CCAttrAmdSevSnp;
> +      return CurrentLevel == CCAttrAmdSevSnp;
> +    case CCAttrFeatureAmdSevDebugSwap:
> +      return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
>       default:
>         return FALSE;
>     }


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119088): https://edk2.groups.io/g/devel/message/119088
Mute This Topic: https://groups.io/mt/105863831/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH ovmf v3 5/5] OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE

[Alexey Kardashevskiy via groups.io]

This writes the feature bit into PcdConfidentialComputingGuestAttr
and enables DebugSwap for the DXE stage too.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
 OvmfPkg/PlatformPei/AmdSev.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e6724cf493a7..785872537728 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -434,6 +434,7 @@ AmdSevInitialize (
   )
 {
   UINT64         EncryptionMask;
+  UINT64         CCGuestAttr;
   RETURN_STATUS  PcdStatus;
 
   //
@@ -517,13 +518,19 @@ AmdSevInitialize (
   // technology is active.
   //
   if (MemEncryptSevSnpIsEnabled ()) {
-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevSnp);
+    CCGuestAttr = CCAttrAmdSevSnp;
   } else if (MemEncryptSevEsIsEnabled ()) {
-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevEs);
+    CCGuestAttr = CCAttrAmdSevEs;
   } else {
-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSev);
+    CCGuestAttr = CCAttrAmdSev;
   }
 
+  if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+    CCGuestAttr |= CCAttrFeatureAmdSevDebugSwap;
+  }
+
+  PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCGuestAttr);
+
   ASSERT_RETURN_ERROR (PcdStatus);
 }
 
-- 
2.44.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118518): https://edk2.groups.io/g/devel/message/118518
Mute This Topic: https://groups.io/mt/105863832/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH ovmf v3 0/5] Enable AMD SEV-ES DebugSwap

[Alexey Kardashevskiy via groups.io]

Ping? Thanks,


On 3/5/24 00:34, Alexey Kardashevskiy wrote:
> This is to prevent #DB interception on SEV-ES VM with
> enabled DebugSwap feature, more details in 3/5.
> 
> The corresponding Linux change (HV and VM) went upstream
> long time ago:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e221804dad4e
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1f85fbe836e
> 
> The previous conversation (more than a year ago) is here:
> https://edk2.groups.io/g/devel/message/96808
> 
> v2 failed CI so here is v3 but with cosmetic changes only.
> 
> This is based on sha1
> fecf55a66a1c Michael Roth "OvmfPkg/CcExitLib: Drop special handling for Encrypted MMIO to APIC".
> 
> Please comment. Thanks.
> 
> 
> 
> Alexey Kardashevskiy (5):
>    MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER
>    MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr
>    OvmfPkg: Add AMD SEV-ES DebugSwap feature support
>    UefiCpuPkg: Add AMD SEV-ES features support
>    OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE
> 
>   MdePkg/Include/ConfidentialComputingGuestAttr.h                    | 15 ++++-
>   MdePkg/Include/Register/Amd/Fam17Msr.h                             | 63 ++++++++++++++++++--
>   OvmfPkg/Include/Library/MemEncryptSevLib.h                         | 12 ++++
>   OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 27 ++++++++-
>   OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 ++++++
>   OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 19 ++++++
>   OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                        |  8 +++
>   OvmfPkg/PlatformPei/AmdSev.c                                       | 13 +++-
>   UefiCpuPkg/Library/MpInitLib/MpLib.c                               | 12 +++-
>   9 files changed, 173 insertions(+), 15 deletions(-)
> 

-- 
Alexey



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119069): https://edk2.groups.io/g/devel/message/119069
Mute This Topic: https://groups.io/mt/105863808/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-